These include: - RSNXE bits were modified, so update the relevant places accordingly. - Some PASN status fields were changed/added. Please note, WLAN_RSNX_CAPAB_PROT_RANGE_NEG was renamed to WLAN_RSNX_CAPAB_URNM_MFPR and the bit position is changed to 15 instead of 10, while BIT 10 is used for WLAN_RSNX_CAPAB_URNM_MFPR_X20 and is not supported yet. Signed-off-by: Ilan Peer <ilan.peer@xxxxxxxxx> Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@xxxxxxxxx> --- src/ap/ieee802_11_shared.c | 2 +- src/ap/wpa_auth_ie.c | 2 +- src/common/ieee802_11_defs.h | 6 +++++- src/pasn/pasn_responder.c | 8 ++++---- src/rsn_supp/wpa_ie.c | 2 +- wpa_supplicant/pasn_supplicant.c | 2 +- 6 files changed, 13 insertions(+), 9 deletions(-) diff --git a/src/ap/ieee802_11_shared.c b/src/ap/ieee802_11_shared.c index a7ab3a2d77..31dfb62543 100644 --- a/src/ap/ieee802_11_shared.c +++ b/src/ap/ieee802_11_shared.c @@ -1095,7 +1095,7 @@ u8 * hostapd_eid_rsnxe(struct hostapd_data *hapd, u8 *eid, size_t len) if (hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_RTT_AP) capab |= BIT(WLAN_RSNX_CAPAB_SECURE_RTT); if (hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_PROT_RANGE_NEG_AP) - capab |= BIT(WLAN_RSNX_CAPAB_PROT_RANGE_NEG); + capab |= BIT(WLAN_RSNX_CAPAB_URNM_MFPR); flen = (capab & 0xff00) ? 2 : 1; if (len < 2 + flen || !capab) diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c index 2a17891032..89d4a3ca03 100644 --- a/src/ap/wpa_auth_ie.c +++ b/src/ap/wpa_auth_ie.c @@ -420,7 +420,7 @@ int wpa_write_rsnxe(struct wpa_auth_config *conf, u8 *buf, size_t len) if (conf->secure_rtt) capab |= BIT(WLAN_RSNX_CAPAB_SECURE_RTT); if (conf->prot_range_neg) - capab |= BIT(WLAN_RSNX_CAPAB_PROT_RANGE_NEG); + capab |= BIT(WLAN_RSNX_CAPAB_URNM_MFPR); flen = (capab & 0xff00) ? 2 : 1; if (!capab) diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h index 6ded79deca..93c8b7ae41 100644 --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h @@ -209,6 +209,9 @@ #define WLAN_STATUS_DENIED_HE_NOT_SUPPORTED 124 #define WLAN_STATUS_SAE_HASH_TO_ELEMENT 126 #define WLAN_STATUS_SAE_PK 127 +#define WLAN_STATUS_INVALID_PUBKEY 136 +#define WLAN_STATUS_PASN_BASE_AKMP_FAILED 137 +#define WLAN_STATUS_OCI_MISMATCH 138 /* Reason codes (IEEE Std 802.11-2016, 9.4.1.7, Table 9-45) */ #define WLAN_REASON_UNSPECIFIED 1 @@ -589,7 +592,8 @@ #define WLAN_RSNX_CAPAB_SAE_PK 6 #define WLAN_RSNX_CAPAB_SECURE_LTF 8 #define WLAN_RSNX_CAPAB_SECURE_RTT 9 -#define WLAN_RSNX_CAPAB_PROT_RANGE_NEG 10 +#define WLAN_RSNX_CAPAB_URNM_MFPR_X20 10 +#define WLAN_RSNX_CAPAB_URNM_MFPR 15 /* Multiple BSSID element subelements */ #define WLAN_MBSSID_SUBELEMENT_NONTRANSMITTED_BSSID_PROFILE 0 diff --git a/src/pasn/pasn_responder.c b/src/pasn/pasn_responder.c index ea2737c0f3..c67fac4540 100644 --- a/src/pasn/pasn_responder.c +++ b/src/pasn/pasn_responder.c @@ -687,7 +687,7 @@ int handle_auth_pasn_1(struct pasn_data *pasn, if (!pasn_params.pubkey || !pasn_params.pubkey_len) { wpa_printf(MSG_DEBUG, "PASN: Invalid public key"); - status = WLAN_STATUS_UNSPECIFIED_FAILURE; + status = WLAN_STATUS_INVALID_PARAMETERS; goto send_resp; } @@ -702,7 +702,7 @@ int handle_auth_pasn_1(struct pasn_data *pasn, if (ret) { wpa_printf(MSG_DEBUG, "PASN: Invalid comeback token"); - status = WLAN_STATUS_UNSPECIFIED_FAILURE; + status = WLAN_STATUS_INVALID_PARAMETERS; goto send_resp; } } else if (pasn->use_anti_clogging) { @@ -730,7 +730,7 @@ int handle_auth_pasn_1(struct pasn_data *pasn, wpa_printf(MSG_DEBUG, "PASN: Invalid first octet in pubkey=0x%x", pasn_params.pubkey[0]); - status = WLAN_STATUS_UNSPECIFIED_FAILURE; + status = WLAN_STATUS_INVALID_PUBKEY; goto send_resp; } @@ -863,7 +863,7 @@ int handle_auth_pasn_1(struct pasn_data *pasn, &pasn_params, wrapped_data, secret); if (ret) { wpa_printf(MSG_DEBUG, "PASN: Failed to derive keys"); - status = WLAN_STATUS_UNSPECIFIED_FAILURE; + status = WLAN_STATUS_PASN_BASE_AKMP_FAILED; goto send_resp; } diff --git a/src/rsn_supp/wpa_ie.c b/src/rsn_supp/wpa_ie.c index 2d7f68e8f4..50bd2b276e 100644 --- a/src/rsn_supp/wpa_ie.c +++ b/src/rsn_supp/wpa_ie.c @@ -376,7 +376,7 @@ int wpa_gen_rsnxe(struct wpa_sm *sm, u8 *rsnxe, size_t rsnxe_len) if (sm->secure_rtt) capab |= BIT(WLAN_RSNX_CAPAB_SECURE_RTT); if (sm->prot_range_neg) - capab |= BIT(WLAN_RSNX_CAPAB_PROT_RANGE_NEG); + capab |= BIT(WLAN_RSNX_CAPAB_URNM_MFPR); flen = (capab & 0xff00) ? 2 : 1; if (!capab) diff --git a/wpa_supplicant/pasn_supplicant.c b/wpa_supplicant/pasn_supplicant.c index fbef7f2dff..b1f9878a4c 100644 --- a/wpa_supplicant/pasn_supplicant.c +++ b/wpa_supplicant/pasn_supplicant.c @@ -577,7 +577,7 @@ static void wpas_pasn_auth_start_cb(struct wpa_radio_work *work, int deinit) if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_RTT_STA) capab |= BIT(WLAN_RSNX_CAPAB_SECURE_RTT); if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_PROT_RANGE_NEG_STA) - capab |= BIT(WLAN_RSNX_CAPAB_PROT_RANGE_NEG); + capab |= BIT(WLAN_RSNX_CAPAB_URNM_MFPR); pasn->rsnxe_capab = capab; pasn->send_mgmt = wpas_pasn_send_mlme; -- 2.25.1 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap